Make sure your running version 3.1.5 if you are using Akismet to battle comment spam as it patches critical security vulnerability. Due to the nature of the bug, the Akismet team pushed out auto updates to sites that can accept them. According to Sucuri, sites using Akismet 3.1.4 and lower and that have the Convert emoticons to graphics on display option enabled, are at risk. An attacker with sufficient knowledge of WordPress’ internals could insert malicious scripts in the Comment section of the WordPress backend. So far, Akismet developers don’t have any evidence that the vulnerability is actively being exploited in the wild.